non-root container with s6-overlay

[poggenpower]

This using s6-overlay to manage processes need to run in the container.
s6-services/ contains all files for services control. entrypoint.sh is not executed anymore
jsonrpc2-helper is migrated into the startscript s6-services/signal-json-rpc/run. I don't see an advantage to use a separate
generator. I think it is all in one place now and not less maintainable.

[poggenpower]

@bbernhard this is a first draft of my non-root approach. It replaces #789 If you can take a quick look if it going into the right direction or if you see anything showstopper or things that doesn't fit for you.
@kaktus42 any tests and feedback is welcome too.

It is a draft. Not heavily tested jet. Need still some cleanup e.g. removal of jsonrpc2-helper.go

if you don't want to build on your own for first tests, you can use: ghcr.io/poggenpower/signal:noroot-s6. It is AMD64/x86 only.

[bbernhard]

Many thanks for your PR!

I think it might be a good idea to merge any changes to a separate branch - I've just created the rootless_s6 branch for that purpose. (I think I could change the target branch myself too, but I didn't want to mess with your PR). Since this is going to be a pretty big change, I guess it might make sense to test the changes on a separate branch (maybe even release official testing images to get more feedback) and merge it into the master branch once we are sure it's not going to break anything.

Regarding the jsonrpc2-helper: Personally I am not a big fan of bash - imho it's quite easy to introduce subtle bugs and I find it harder to maintain (e.g I could imagine that the jsonrpc2.yml might grow in the future and writing that via bash feels a bit rough - I definitely would prefer a compiled language with proper library support here). But that's just a minor thing and can be done later - so no need to change that right now.

I'll try to find some time in the next days to check out the code and play a little bit with it myself to get a better feeling how s6 works :)